Fortify YOUR Defense with CyberSponse Adaptive Security

Presentation transcript:

Fortify YOUR Defense with CyberSponse Adaptive Security

What is Security Orchestration, Automation & Response (SOAR)? Why do I care or need it?

What are the key things Security Teams should look to automate?

- Email Phishing
- Endpoint Infections
- Hunt, Block & Tackle
- Incident Response
- Multiple Login Attempts

Example alert flow: SIEM Rules -> Auth Events -> Alert
Mission: Block Malicious Intent or Close as False Positive

Source        | Target    | Response
Who is?       | Asset?    | Block IP
Geolocation?  | Owner?    | Disable Account
Reputation?   | Cause?    | Patch Vulnerability
Threat Intel? | Who else? |

TTR Status: Next 12 Mins? False Positive?

Audience questions: 1. How many Alerts

What are the key elements needed to be ready for SOAR?
- 100+ alerts in queue
- 3+ Security Tools
- 3+ Security Staff

Challenges that SOAR Solves in the Current Environment

Challenges: Alert Fatigue, Slow Response Times, Lack of Collaboration

Alerts Overload
- Lenient Rules > False Positives > Alert Fatigue
- Strict Rules > True Negatives > Weak Security

Multiple, Unintegrated Tools
- Fact: You would easily have 18 to 25 products to deal with
- Question: How many SIEMs or Firewalls can you learn?

Manual and Inconsistent responses causing a weak security posture

Solution: SOAR augments the human analyst
- Single Pane of Glass to manage all activities of the SOC
- Measure and Boost SOC Efficiency
- Deliver consistent investigation and response
- Leverage automation without programming skills

Salient Features and Use Cases
- Integrated with SIEM to receive, respond to and close the alert
- Automated Triaging, Enrichment, Investigation and Remediation
- Investigations for Phishing, C&C, Data Exfiltration etc.
- Automated Remediation with human approval
- Integrations with 250+ products, 3000+ actions

SOARs integrate your SOC with diverse tools: Ingest, Triage, Enrich, Investigate, Contain, Remediate (250+ Connectors, 3000+ Actions)

Why you want an Incident Response and Automation Platform

Incident Response Platform
- Enterprise Case Management
- Orchestration and Automation
- Highly Configurable
- Role-based Access
- Multi-Tenant

SOAR Platform
- Case Management
- Orchestration & Automation: Automated Playbooks, Connectors/Integrations
- Multi-Tenant, highly configurable platform
- Contextual Data Visualization
- Build your own Modules
- Visual Playbook Designer, Out-of-the-Box Connectors, Real-Life Use Case Reference Content
- Distributed/Federated Architecture
- Control Access to Data and Playbooks

SOARs Automate Information Flow & Incident Response

Observe (Ingest)
- SIEM Alerts, Other Alerts (EDR, IDS etc.), eMails
- Enriched contextual data from Threat Intel, Asset Management, User Directory, Historical Data
- Result: Actionable Data in a SOAR Alert Record

Orient: Gauge the Impact

Decide: Manual Decisions, Tasks, Approvals

Act (Response Playbooks)
- Block URL, IP, Domain, File hash
- Disable User Account
- Reset Password

Integrations
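The Observe / Orient / Decide / Act flow on this slide, together with the Source / Target / Response triage matrix and the "Automated Remediation with human approval" feature from the earlier slides, can be shown as a small playbook. The following is an added example written for this page; it is not CyberSponse or CyOPs code and does not use any vendor API. The threat-intel, asset-management, user-directory and history lookups are constructed in-memory dictionaries standing in for the integrations the slide names, and the action names (block_ip, disable_account, reset_password) are hypothetical labels chosen here. The alert values are constructed sample data.

```python
"""Toy SOAR-style playbook: Observe -> Orient -> Decide -> Act.

Added example, not vendor code. Every data source below is a constructed
in-memory stand-in for the integrations a real SOAR platform would call
(SIEM, Threat Intel, Asset Management, User Directory, Historical Data).
"""
from dataclasses import dataclass, field

# Constructed enrichment sources (hypothetical values, not real intel).
THREAT_INTEL = {"203.0.113.7": {"reputation": "malicious", "geo": "XX"},
                "198.51.100.5": {"reputation": "clean", "geo": "US"}}
ASSET_MGMT = {"vpn-gw-01": {"criticality": "high", "owner": "netops"},
              "kiosk-07": {"criticality": "low", "owner": "facilities"}}
USER_DIRECTORY = {"jdoe": {"dept": "finance", "privileged": False},
                  "svc-backup": {"dept": "it", "privileged": True}}
HISTORY = {"203.0.113.7": 4}  # count of prior alerts for this source IP

# Actions that are only executed after an analyst approves them
# (the slides' "Automated Remediation with human approval").
REQUIRES_APPROVAL = {"disable_account", "reset_password"}


@dataclass
class Alert:
    rule: str
    source_ip: str
    target_asset: str
    user: str
    failed_logins: int


@dataclass
class CaseRecord:
    """The SOAR alert record that carries context through the playbook."""
    alert: Alert
    context: dict = field(default_factory=dict)
    severity: str = "low"
    decision: str = "open"
    actions: list = field(default_factory=list)
    pending_approval: list = field(default_factory=list)


def observe(alert):
    """Ingest the alert and enrich it (Source / Target / history questions)."""
    ctx = {
        "source": THREAT_INTEL.get(alert.source_ip,
                                   {"reputation": "unknown", "geo": "?"}),
        "target": ASSET_MGMT.get(alert.target_asset,
                                 {"criticality": "unknown", "owner": "?"}),
        "user": USER_DIRECTORY.get(alert.user, {}),
        "prior_alerts": HISTORY.get(alert.source_ip, 0),
    }
    return CaseRecord(alert=alert, context=ctx)


def orient(case):
    """Gauge the impact: a simple additive score over the enriched context."""
    score = 0
    if case.context["source"]["reputation"] == "malicious":
        score += 3
    if case.context["target"]["criticality"] == "high":
        score += 2
    if case.context["user"].get("privileged"):
        score += 2
    if case.alert.failed_logins >= 20:
        score += 1
    if case.context["prior_alerts"] > 0:
        score += 1
    case.severity = "high" if score >= 5 else "medium" if score >= 3 else "low"
    return case


def decide(case):
    """Close as false positive, or propose actions split into automatic
    and approval-gated lists."""
    if case.severity == "low" and case.context["source"]["reputation"] != "malicious":
        case.decision = "closed_false_positive"
        return case
    case.decision = "remediate"
    proposed = ["block_ip"]
    if case.severity == "high":
        proposed += ["disable_account", "reset_password"]
    for action in proposed:
        target = case.pending_approval if action in REQUIRES_APPROVAL else case.actions
        target.append(action)
    return case


def act(case, approved_by=None):
    """Execute automatic actions; gated ones only once an analyst signs off."""
    executed = list(case.actions)
    if approved_by:
        executed += case.pending_approval
        case.pending_approval = []
    case.actions = executed
    return case


def run_playbook(alert, approved_by=None):
    """Observe -> Orient -> Decide -> Act on one alert."""
    return act(decide(orient(observe(alert))), approved_by)


if __name__ == "__main__":
    # Constructed alert: brute-force against a critical gateway by a service account.
    sample = Alert("Multiple Login Attempts", "203.0.113.7", "vpn-gw-01", "svc-backup", 30)
    print(run_playbook(sample))                        # block_ip runs, two actions wait
    print(run_playbook(sample, approved_by="analyst"))  # all three actions run
```

The split between `actions` and `pending_approval` is the point worth copying: containment that is cheap to reverse (blocking an IP) runs immediately, while account changes that affect a person or a service wait for a human decision, which is how a playbook can be both fast and safe to leave running unattended.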

How to Obtain a Security Operations ROI with SOAR

FASTER RESPONSE

Mode           | Time per Incident to Complete | Weekly Incidents | Time Spent (Hours) | Time Savings (Hours) | Savings (%) | Cost Savings Annually ($150/h)
Manual         | 45 minutes                    | 50               | 390                |                      | 0%          | $0.00
Semi-Automated | 22 minutes                    | 75               | 190                | 200                  | 75%         | $180,000
Automated      | 1.4 minutes                   | 100              | 12                 | 378                  | 98%         | $472,800

INCREASE MORALE | Cost Savings | MANAGE ALERTS | Threat Window

Explore CyOPs™ Community Edition. Reach us at Sales@CyberSponse.com

- Manage: Alerts, Incidents, Indicators, Tasks across Tenants
- Measure: MTTD, MTTR, ROI, Reports, Dashboards
- Respond: Automate, Visual Playbook Designer, Out-of-the-Box Connectors
- Solutions: SOC Automation, Vulnerability Management and BYOS